| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
security fix and sync with HEAD for xorg
Revisions pulled up:
- pkgsrc/meta-pkgs/xorg/Makefile.common 1.41, 1.42
- pkgsrc/x11/xorg-imake/Makefile 1.29, 1.30
- pkgsrc/x11/xorg-imake/distinfo 1.21
- pkgsrc/x11/xorg-imake/patches/patch-ac 1.8
- pkgsrc/x11/xorg-libs/Makefile 1.37, 1.39, 1.40, 1.41
- pkgsrc/x11/xorg-libs/PLIST 1.8, 1.9, 1.10
- pkgsrc/x11/xorg-libs/distinfo 1.48, 1.49, 1.50, 1.51, 1.52
- pkgsrc/x11/xorg-libs/patches/patch-ac 1.10
- pkgsrc/x11/xorg-libs/patches/patch-ad 1.6
- pkgsrc/x11/xorg-libs/patches/patch-au 1.3
- pkgsrc/x11/xorg-libs/patches/patch-bq 1.1
- pkgsrc/x11/xorg-libs/patches/patch-br 1.1
- pkgsrc/x11/xorg-server/Makefile 1.45
Module Name: pkgsrc
Committed By: rillig
Date: Tue Jul 4 09:20:18 UTC 2006
Modified Files:
pkgsrc/meta-pkgs/xorg: Makefile.common
Log Message:
Made a SUBST block much simpler.
---
Module Name: pkgsrc
Committed By: joerg
Date: Mon Jul 17 17:06:59 UTC 2006
Modified Files:
pkgsrc/x11/xorg-imake: Makefile
Log Message:
Since mkhtmlindex is now a Perl script, depend on Perl and replace
the interpreter. Bump revision.
---
Module Name: pkgsrc
Committed By: minskim
Date: Sun Jul 23 15:45:36 UTC 2006
Modified Files:
pkgsrc/x11/xorg-libs: Makefile distinfo
pkgsrc/x11/xorg-libs/patches: patch-au
Log Message:
Make this package build on platforms without native zlib by including
zlib's buildlink3.mk. Thanks to Joerg Sonnenberger for review.
---
Module Name: pkgsrc
Committed By: minskim
Date: Sun Jul 23 16:54:20 UTC 2006
Modified Files:
pkgsrc/x11/xorg-libs: PLIST
Log Message:
Add missing entries for Linux. Approved by the maintainer.
---
Module Name: pkgsrc
Committed By: joerg
Date: Mon Jul 24 14:11:13 UTC 2006
Modified Files:
pkgsrc/meta-pkgs/xorg: Makefile.common
pkgsrc/x11/xorg-libs: Makefile
Log Message:
Move zlib SUBST magic to Makefile.common, it is always needed.
Fixes problems found by abs@
---
Module Name: pkgsrc
Committed By: minskim
Date: Mon Jul 24 22:00:47 UTC 2006
Modified Files:
pkgsrc/x11/xorg-libs: PLIST distinfo
pkgsrc/x11/xorg-libs/patches: patch-ad
Log Message:
Set ForceNormalLib and SharedFontLib to YES regardless of Linux distribution,
so that the same set of libraries are built on every Linux distribution.
Thanks to Joerg Sonnenberger for guide and review.
---
Module Name: pkgsrc
Committed By: minskim
Date: Wed Jul 26 16:02:21 UTC 2006
Modified Files:
pkgsrc/x11/xorg-libs: Makefile PLIST
Log Message:
Add a missing file on Linux. Bump PKGREVISION.
--
Module Name: pkgsrc
Committed By: joerg
Date: Mon Jul 31 16:39:42 UTC 2006
Modified Files:
pkgsrc/x11/xorg-imake: Makefile distinfo
pkgsrc/x11/xorg-imake/patches: patch-ac
pkgsrc/x11/xorg-libs: Makefile distinfo
pkgsrc/x11/xorg-libs/patches: patch-ac
Log Message:
Don't drop -fno-strict-aliasing on NetBSD/!i386. Fixes PR 34099.
Bump revision of xorg-imake and xorg-libs.
---
Module Name: pkgsrc
Committed By: joerg
Date: Mon Aug 14 09:54:39 UTC 2006
Modified Files:
pkgsrc/x11/xorg-libs: distinfo
Added Files:
pkgsrc/x11/xorg-libs/patches: patch-bq
Log Message:
Don't install os.h and misc.h in server builds, it would override
files from xorg-libs.
---
Module Name: pkgsrc
Committed By: joerg
Date: Tue Aug 22 18:12:14 UTC 2006
Modified Files:
pkgsrc/x11/xorg-libs: Makefile distinfo
pkgsrc/x11/xorg-server: Makefile
Log Message:
Fix SA21450 using patch from Xorg CVS. Bump revisions of xorg-libs and
xorg-server.
---
Module Name: pkgsrc
Committed By: joerg
Date: Wed Aug 23 00:11:08 UTC 2006
Added Files:
pkgsrc/x11/xorg-libs/patches: patch-br
Log Message:
Actually add the patch as well.
|
|
|
|
security fix for freetype2
Revisions pulled up:
- pkgsrc/graphics/freetype2/Makefile 1.53, 1.54
- pkgsrc/graphics/freetype2/distinfo 1.19
- pkgsrc/graphics/freetype2/patches/patch-aa 1.7
- pkgsrc/graphics/freetype2/patches/patch-ab 1.8
Module Name: pkgsrc
Committed By: minskim
Date: Sun Jul 23 14:37:08 UTC 2006
Modified Files:
pkgsrc/graphics/freetype2: Makefile
Log Message:
Link against the Carbon library if the framework is available. This fixes
PR 33858.
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: joerg
Date: Tue Aug 22 18:43:51 UTC 2006
Modified Files:
pkgsrc/graphics/freetype2: Makefile distinfo
Added Files:
pkgsrc/graphics/freetype2/patches: patch-aa patch-ab
Log Message:
Add two patches to work around issues from CVE-2006-3467. Patches are
directly from FreeType CVS. Bump revision.
|
|
|
|
security fix for libtunepimp
Revisions pulled up:
- pkgsrc/audio/libtunepimp0.4/Makefile 1.3
- pkgsrc/audio/libtunepimp0.4/distinfo 1.2
- pkgsrc/audio/libtunepimp0.4/patches/patch-ae 1.1
[applied to pkgsrc/audio/libtunepimp on pkgsrc-2006Q2]
Module Name: pkgsrc
Committed By: salo
Date: Mon Aug 21 17:55:01 UTC 2006
Modified Files:
pkgsrc/audio/libtunepimp0.4: Makefile distinfo
Added Files:
pkgsrc/audio/libtunepimp0.4/patches: patch-ae
Log Message:
Security fix for CVE-2006-3600:
"A vulnerability in libtunepimp can be potentially exploited by
malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error in the
"LookupTRM::lookup()" function when retrieving album release dates.
This can be exploited to cause a buffer overflow by returning an overly
long release date string (more than 100 bytes).
Successful exploitation may allow execution of arbitrary code in context
of an application using the vulnerable library."
http://secunia.com/advisories/21026/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3600
Patch from MusicBrainz SVN. Bump PKGREVISION.
|
|
|
|
security update for honeyd
Revisions pulled up:
- pkgsrc/security/honeyd/Makefile 1.16
- pkgsrc/security/honeyd/distinfo 1.5
Module Name: pkgsrc
Committed By: adrianp
Date: Mon Aug 21 20:19:36 UTC 2006
Modified Files:
pkgsrc/security/honeyd: Makefile distinfo
Log Message:
Update to 1.5b
Changes include:
1.5a
* A typo in an assert caused Honeyd to crash for most services.
* The subsystem support did not correctly support
getsockname for sockets coming via accept().
1.5b
* A crash when processing ARP packets.
* Correct default action handling for UDP packets.
* Fixed --without-python flag when using configure.
|
|
|
|
security fix for libwmf
Revisions pulled up:
- pkgsrc/graphics/libwmf/Makefile 1.60
- pkgsrc/graphics/libwmf/distinfo 1.14
- pkgsrc/graphics/libwmf/patches/patch-ae 1.1
Module Name: pkgsrc
Committed By: salo
Date: Sun Aug 20 21:38:45 UTC 2006
Modified Files:
pkgsrc/graphics/libwmf: Makefile distinfo
Added Files:
pkgsrc/graphics/libwmf/patches: patch-ae
Log Message:
Security fix for CVE-2006-3376:
"A vulnerability in libwmf can be potentially exploited by malicious
people to compromise an application using the vulnerable library.
The vulnerability is caused due to an integer overflow error when
allocating memory based on a value taken directly from a WMF file
without performing any checks. This can be exploited to cause a
heap-based buffer overflow when a specially crafted WMF file is
processed.
Successful exploitation may allow execution of arbitrary code."
http://secunia.com/advisories/20921/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3376
Patch from Red Hat. Bump PKGREVISION.
|
|
|
|
security update for imp
Revisions pulled up:
- pkgsrc/mail/imp/Makefile 1.39-1.40
- pkgsrc/mail/imp/distinfo 1.15-1.16
Module Name: pkgsrc
Committed By: adrianp
Date: Thu Jul 13 20:56:55 UTC 2006
Modified Files:
pkgsrc/mail/imp: Makefile distinfo
Log Message:
Update to 4.1.2
Major changes compared to the IMP H3 (4.1.1) version are:
* Allow to toggle off the Virtual Inbox.
* Display quota for current folder on Cyrus servers.
* Updated German, Italian and Spanish translations.
* Several small bugfixes and improvements.
The full list of changes (from version H3 (4.1.1)) can be viewed here:
http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.699.2.184&r2=1.699.2.194&ty=h
---
Module Name: pkgsrc
Committed By: adrianp
Date: Thu Aug 17 20:17:12 UTC 2006
Modified Files:
pkgsrc/mail/imp: Makefile distinfo
Log Message:
Update to 4.1.3
Major changes compared to the IMP H3 (4.1.2) version are:
* Added server configuration option to limit numer of login tries.
* Added link to view attached S/MIME key details.
* Fixed escaping of folder names.
* Updated Catalan, German and Slovenian translations.
* Several small bugfixes and improvements.
The full list of changes (from version H3 (4.1.2)) can be viewed here:
http://cvs.horde.org/diff.php/imp/docs/CHANGES?r1=1.699.2.194&r2=1.699.2.206&ty=h
|
|
security update for horde
Revisions pulled up:
- pkgsrc/www/horde/Makefile 1.47-1.48
- pkgsrc/www/horde/PLIST 1.13-1.14
- pkgsrc/www/horde/distinfo 1.16
Module Name: pkgsrc
Committed By: adrianp
Date: Thu Aug 17 20:15:40 UTC 2006
Modified Files:
pkgsrc/www/horde: Makefile PLIST distinfo
Log Message:
Update to 3.1.3
Major changes compared to Horde 3.1.2 are:
* Security Fixes
- Closed an XSS problem in index.php and improved protection against
phishing attempts.
* Bugfixes and improvements
- Added Kolab group ACL support.
- Improved import of date and time fields.
- Fixed synchronization support.
- Updated Catalan, German and Slovenian translations.
The full list of changes (from version 3.1.2) can be viewed here:
http://cvs.horde.org/diff.php/horde/docs/CHANGES?r1=1.515.2.252&r2=1.515.2.261&ty=h
---
Module Name: pkgsrc
Committed By: adrianp
Date: Sun Aug 20 10:10:59 UTC 2006
Modified Files:
pkgsrc/www/horde: Makefile PLIST
Log Message:
Fix a PLIST bug pointed out by ghen@
Bump PKGREVISON
|
|
|
|
security update for php5
Revisions pulled up:
- pkgsrc/lang/php5/Makefile 1.42
- pkgsrc/lang/php5/Makefile.common 1.19
- pkgsrc/lang/php5/distinfo 1.27
- pkgsrc/lang/php5/patches/patch-ao removed
- pkgsrc/lang/php5/patches/patch-as 1.2
- pkgsrc/lang/php5/patches/patch-at removed
- pkgsrc/lang/php5/patches/patch-av removed
- pkgsrc/lang/php5/patches/patch-aw removed
Module Name: pkgsrc
Committed By: taca
Date: Thu Aug 17 13:17:48 UTC 2006
Modified Files:
pkgsrc/lang/php5: Makefile PLIST
Log Message:
Correct PLIST to fix a binary package:
- remove an extra directory.
- handle empty directories.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Aug 19 14:47:44 UTC 2006
Modified Files:
pkgsrc/lang/php5: Makefile PLIST
Log Message:
More fix of PLIST, now pkg_delete should always succeed.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Aug 19 16:44:15 UTC 2006
Modified Files:
pkgsrc/lang/php5: Makefile Makefile.common distinfo
pkgsrc/lang/php5/patches: patch-as
Removed Files:
pkgsrc/lang/php5/patches: patch-ao patch-at patch-av patch-aw
Log Message:
Update php5 package to 5.1.5:
17 Aug 2006, PHP 5.1.5
- Fixed memory_limit on 64bit systems. (Stefan E.)
- Fixed overflow on 64bit systems in str_repeat() and wordwrap(). (Stefan E.)
- Disabled CURLOPT_FOLLOWLOCATION in curl when open_basedir or safe_mode are
enabled. (Stefan E., Ilia)
- Fixed bug #38322 (reading past array in sscanf() leads to arbitrary code
execution). (Tony)
- Fixed bug #38125 (undefined reference to spl_dual_it_free_storage). (Marcus)
- Fixed bug #38112 (corrupted gif segfaults) (Pierre)
- Fixed bug #37587 (var without attribute causes segfault). (Marcus)
- Fixed bug #37576 (FastCGI env (cgi vars) table overflow). (Piotr)
- Fixed bug #37496 (FastCGI output buffer overrun). (Piotr, Dmitry)
- Fixed bug #37487 (oci_fetch_array() array-type should always default to
OCI_BOTH). (Tony)
- Fixed bug #37416 (iterator_to_array() hides exceptions thrown in rewind()
method). (Tony)
- Fixed bug #37392 (Unnecessary call to OCITransRollback() at the end of
request). (Tony)
- Fixed bug #37341 ($_SERVER in included file is shortened to two entries,
if $_ENV gets used). (Dmitry)
- Fixed bug #37313 (sigemptyset() used without including <signal.h>).
(jdolecek)
- Fixed bug #37346 (invalid colormap format) (Pierre)
- Fixed bug #37360 (invalid gif size) (Pierre)
- Fixed bug #37306 (max_execution_time = max_input_time). (Dmitry)
- Fixed Bug #37278 (SOAP not respecting uri in __soapCall). (Dmitry)
- Fixed bug #37265 (Added missing safe_mode & open_basedir checks to
imap_body()). (Ilia)
- Fixed bug #37256 (php-fastcgi dosen't handle connection abort). (Dmitry)
|
|
PLIST fix for php5
Revisions pulled up:
- pkgsrc/lang/php5/Makefile 1.40-1.41
- pkgsrc/lang/php5/PLIST 1.12-1.13
Module Name: pkgsrc
Committed By: taca
Date: Thu Aug 17 13:17:48 UTC 2006
Modified Files:
pkgsrc/lang/php5: Makefile PLIST
Log Message:
Correct PLIST to fix a binary package:
- remove an extra directory.
- handle empty directories.
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Aug 19 14:47:44 UTC 2006
Modified Files:
pkgsrc/lang/php5: Makefile PLIST
Log Message:
More fix of PLIST, now pkg_delete should always succeed.
|
|
security update for ja-squirrelmail
Revisions pulled up:
- pkgsrc/mail/ja-squirrelmail/Makefile 1.31-1.32
- pkgsrc/mail/ja-squirrelmail/PLIST 1.5-1.6
- pkgsrc/mail/ja-squirrelmail/distinfo 1.12
- pkgsrc/mail/ja-squirrelmail/patches/patch-ab removed
- pkgsrc/mail/ja-squirrelmail/patches/patch-ac removed
Module Name: pkgsrc
Committed By: taca
Date: Thu Aug 17 13:24:46 UTC 2006
Modified Files:
pkgsrc/mail/ja-squirrelmail: Makefile PLIST distinfo
Removed Files:
pkgsrc/mail/ja-squirrelmail/patches: patch-ab patch-ac
Log Message:
Update ja-squirrelmail package to 1.4.8.
Changes from 1.4.7:
- A security fix for CVE-2006-4019
- A collection of bugfixes
Changes from 1.4.6:
- Fixed URL for Read Receipts being incorrect in some cases (#1177518).
- Fixed endless loop when trying to parse "From: )(" (#1517867).
- Using is_file() instead of file_exists() in fortune plugin (#1499134).
- Add manual page for conf.pl under contrib.
- Don't allow selecting INBOX as Sent, Draft or Trash folder (#1242346).
---
Module Name: pkgsrc
Committed By: taca
Date: Sat Aug 19 14:49:36 UTC 2006
Modified Files:
pkgsrc/mail/ja-squirrelmail: Makefile PLIST
Log Message:
- Fix PLIST.
- Add APACHE_GROUP, APACHE_USER and VARBASE to BUILD_DEFS.
Bump PKGREVISION.
|
|
|
|
security update for miredo
Revisions pulled up:
- pkgsrc/net/miredo/Makefile 1.9, 1.10
- pkgsrc/net/miredo/PLIST 1.4
- pkgsrc/net/miredo/distinfo 1.6, 1.7
- pkgsrc/net/miredo/patches/patch-aa 1.4, 1.5
- pkgsrc/net/miredo/patches/patch-ab 1.5
- pkgsrc/net/miredo/patches/patch-ac 1.4
- pkgsrc/net/miredo/patches/patch-ad removed
- pkgsrc/net/miredo/patches/patch-ae removed
Module Name: pkgsrc
Committed By: rpaulo
Date: Tue Aug 15 20:54:45 UTC 2006
Modified Files:
pkgsrc/net/miredo: Makefile PLIST distinfo
pkgsrc/net/miredo/patches: patch-aa patch-ab patch-ac
Removed Files:
pkgsrc/net/miredo/patches: patch-ad patch-ae
Log Message:
Update to version 0.9.9:
============================================================================
RELEASE CANDIDATE 0.9.9 : Minor portability fixes
# NetBSD 4 build fixes.
============================================================================
RELEASE CANDIDATE 0.9.8 : Major feature enhancements, major security fixes
# Support interacting with Teredo clients behind symmetric NATs.
# Fix multiple problems with HMAC/ping authentication of non-Teredo nodes.
# Increase timestamp wrap time from 18 hours to 70 years to avoid replay
attacks against authentication tokens.
# Allow Router Advertisement through the ISATAP tunnel (untested).
isatapd remain very experimental, particular client-side.
Someone ought to make a clean kernel implementation instead.
# Use HMAC instead of random nonces in Teredo clients.
=============================================================================
BETA RELEASE 0.9.7 : Major security fixes
# Fix infinite UDP packet forwarding loop in Teredo server (MTFL-SA 0603).
=============================================================================
BETA RELEASE 0.9.6 : Major compatibility fixes
# Lots of portability fixes, mostly for FreeBSD and the likes.
# Removed some dead code.
# Provide teredo-mire by default.
# Print more helpful error message for some common BSD tunneling issues.
=============================================================================
BETA RELEASE 0.9.5 : Major features enhancement, major bug fixes
# Removed too brittle cone NAT support. As a side effect, miredo is much
faster to startup in client mode in most cases.
# Fix server-side handling of Windows Vista client solicitations.
# Removed the IgnoreConeBit configure option. The cone bit is now always
ignored (this was the default ever since the introduction of that
option).
=============================================================================
BETA RELEASE 0.9.4 : Major features enhancement
# More refined system clock usage brings about 30% performance boost.
=============================================================================
BETA RELEASE 0.9.3 : Major features enhancement, major bug fixes
# Use dedicated thread for packets transmission and reception. Miredo
should now leverage dual-process, dual-core and SMT systems.
# Receive to-be-decapsulated and to-be-encapsulated packets in blocking
mode; this improves performance by about 10% on Linux.
# Use the POSIX monotonic clock for maintenance procedure and exclusive
mode watch if POSIX monotonic clock and clock selection are available.
# Minor optimizations to the most stressed code paths.
# Suppress spurious 4-seconds delay when waiting for symmetric probes.
# Minimalistic support for ISATAP client in ISATAPd.
# Ignore invalid Router Advertisements properly.
# Drop incoming multicast traffic as a precautionary measure.
# Truncate PID file properly when updating it.
# Fix deadlocks and spurious exits upon some signals (such as SIGCONT).
# Fix deadlock when Teredo server DNS hostname resolution fails.
# Handle would-be spurious wakeups properly.
# Fix IPv4 global unicast access-list.
# Fix SO_REUSEADDR socket option usage.
# Use C99 restrict keyword at sensible places for compiler optimization.
# Portability fixes for DragonFly BSD.
# Work-around for some uClibc POSIX defines insanity.
# Got rid of all C++ code.
# Renamed libteredo-mire to teredo-mire for consistency.
# Leverage newer autoconf macros.
# Fix encoding of non-ASCII characters in manual pages.
# Work-around for platforms that can't rename tunnel network interface.
# Build libmiredo dynamically to reduce global code size.
# Fix inclusion of non-PIC code into shared libraries.
(Unstable version 0.9.3 includes all fixes from stable version 0.8.5)
=============================================================================
BETA RELEASE 0.9.1 : Major features enhancement
# Created and referenced a developper mailing list: <miredo-devel at
remlab.net>. Send a mail with subject subscribe to
<miredo-devel-request
at remlab.net> to subscribe.
# Added isatap, an ISATAP router based on libtun6 and miredo.
After careful IETF IPR claim check, it seems ISATAP can be freely
implemented anyway.
# Working support for Mac OS X:
- work-around overly long closefrom() replacement,
- work-around tuntap for OS X spurious initialization error.
- add required defines for pthread to work properly.
# Added libteredo-miredo, an undocumented Teredo test card.
# Improve miredo-checkconf semantics.
# Multi-threaded libteredo, and finer grained locking.
# Fix initialization in libteredo sometimes causing a crash at startup.
# Fix race condition in libteredo-list unit test.
# Fix _impossible_ overflow of FD_SET().
(Unstable version 0.9.1 includes all fixes from stable version 0.8.4)
---
Module Name: pkgsrc
Committed By: salo
Date: Fri Aug 18 13:45:57 UTC 2006
Modified Files:
pkgsrc/net/miredo: Makefile distinfo
pkgsrc/net/miredo/patches: patch-aa
Log Message:
Fix example configuration files installation so they aren't installed twice
(extra ones in PKG_SYSCONFDIR).
ok <rpaulo>
|
|
|
|
security update for ImageMagick
Revisions pulled up:
- pkgsrc/graphics/ImageMagick/Makefile.common 1.58-1.60, 1.62
- pkgsrc/graphics/ImageMagick/PLIST 1.49
- pkgsrc/graphics/ImageMagick/distinfo 1.70-1.72, 1.75
- pkgsrc/graphics/ImageMagick/patches/patch-aa 1.37
- pkgsrc/graphics/ImageMagick/patches/patch-ab 1.22
Module Name: pkgsrc
Committed By: adam
Date: Mon Jul 17 16:01:36 UTC 2006
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common PLIST distinfo
pkgsrc/graphics/ImageMagick/patches: patch-aa patch-ab
Log Message:
Changes 6.2.8-4:
* Add IsImageSimiliar() method to MagickCore API.
* Improve color reduction algorithm for images with transparency.
Changes 6.2.8-3:
* The -page A4 option no longer returns a width/height of 0.
* GetMagickModulePath() at line 803 in magick/module.c the variable 'home'
is not freed before returning.
* Magick::throwException should not call MagickLib::GetException().
Changes 6.2.8-2:
* The DPX orientation header elements are 8 not 16.
* Fix the ImageMagick web pages so they render properly.
Changes 6.2.8-1:
* Fix off-by-one error in DrawAffineImage().
* Set the offset to layer 2 of XCF images.
* Set proper precendence so -fx 'p{u[1]*w,u[2]*h}' parses properly (bug
Module Name: pkgsrc
Committed By: adam
Date: Mon Jul 31 14:55:36 UTC 2006
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common distinfo
Log Message:
Changes 6.2.8.7:
* Bug fixes
Module Name: pkgsrc
Committed By: perry
Date: Mon Aug 7 01:08:05 UTC 2006
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile.common distinfo
Log Message:
Update to 6.2.8-8 -- -7 is no longer available on most ImageMagick
mirrors.
The ChangeLog between -7 and -8 says:
* Add -unique-colors to discard all but one of any pixel color.
* The montage program properly parses the -channel option.
* Make -colors work consistently as an image operator.
* Some DPX images do not contain a television header.
* Restore ability to read 10-bit grayscale Cineon images.
* Improve handling of corrupt GIF images.
Module Name: pkgsrc
Committed By: abs
Date: Tue Aug 15 12:20:12 UTC 2006
Modified Files:
pkgsrc/graphics/ImageMagick: Makefile Makefile.common distinfo
Log Message:
Update graphics/ImageMagick from 6.2.8.8 to 6.2.9.0
* Add -adaptive-resize option.
* Permit x100 as a geometry in Magick++.
* Respect width/height for image MVG element.
|
|
|
|
security update for bomberclone
Revisions pulled up:
- pkgsrc/games/bomberclone/Makefile 1.24
- pkgsrc/games/bomberclone/PLIST 1.10
- pkgsrc/games/bomberclone/distinfo 1.12
- pkgsrc/games/bomberclone/patches/patch-ac removed
- pkgsrc/games/bomberclone/patches/patch-ad removed
Module Name: pkgsrc
Committed By: wiz
Date: Wed Aug 16 15:35:25 UTC 2006
Modified Files:
pkgsrc/games/bomberclone: Makefile PLIST distinfo
Removed Files:
pkgsrc/games/bomberclone/patches: patch-ac patch-ad
Log Message:
Update to 0.11.7:
Version 0.11.7
==============
2006-08-15
- Added: BomberClone Icon to the bomberclone win32 binary.
- Added: resolution 1280x800
- Testing: Security Problems found by Luigi Auriemma
Bugs: A] memcpy crash in rscache_add
B] information disclosure in send_pkg
C] simple error message termination
for more informations look here:
http://aluigi.altervista.org/adv/bcloneboom-adv.txt
Solutions to
A) rewrote the whole resend cache system, also send_mapinfo needed a
bad workaround for a bug i couldn't find out. (to disable the workaround
use ./configure CFLAGS=-DBUG_MAPINFO)
B) made sure that the size of a packet is set right before send over
the network. Found only the function (do_gameinfo) where something
like this occured.
do_pkg will also check the size of the incoming packet with the
p->h.len value.
C) accept the error packets only from the server of a game. Since only the
server will send such type of packets.
- Fixed: Security Problem found by Stefan Cornelius.
For more information look here:
https://lists.uni-koeln.de/pipermail/sec-info/Week-of-Mon-20060313/006561.html
- Added: "more random" by Patrik Nilsson:
This map type is just a hacked version of "autogenerated",
and is as the name tells more random. Since both block,
rock and nothing are placed randomly inside the border.
- Fixed: High CPU usage in menus.
This fix was made by Chris E..
- Fixed: Bug with more as 8 different player graphics.
The window size hasen't changed if there where more as
8 different player graphics to choose from.
- Removed the Dedicated Server Support from the game.
The whole bomberclone game is not designed for a dedicated
server. The test shown that the whole game would have to
be rewritten. Also that the host can leave the game would
not work no more.
|
|
|
|
security update for php4
Revisions pulled up:
- pkgsrc/www/php4/Makefile 1.70
- pkgsrc/www/php4/Makefile.common 1.53
- pkgsrc/www/php4/distinfo 1.56
- pkgsrc/www/php4/files/pear.sh 1.3
- pkgsrc/www/php4/patches/patch-ao 1.3
- pkgsrc/www/php4/patches/patch-aq removed
- pkgsrc/www/php4/patches/patch-ar removed
- pkgsrc/www/php4/patches/patch-as removed
- pkgsrc/www/php4/patches/patch-au removed
- pkgsrc/www/php4/patches/patch-av removed
- pkgsrc/www/php4/patches/patch-aw 1.1
Module Name: pkgsrc
Committed By: adrianp
Date: Thu Aug 10 23:01:40 UTC 2006
Modified Files:
pkgsrc/www/php4: Makefile Makefile.common distinfo
pkgsrc/www/php4/files: pear.sh
pkgsrc/www/php4/patches: patch-ao
Added Files:
pkgsrc/www/php4/patches: patch-aw
Removed Files:
pkgsrc/www/php4/patches: patch-aq patch-ar patch-as patch-au patch-av
Log Message:
Update to 4.4.3
All PHP 4.x users are encouraged to upgrade to this release as soon as possible.
The security issues resolved include the following:
* Disallow certain characters in session names.
* Fixed a buffer overflow inside the wordwrap() function.
* Prevent jumps to parent directory via the 2nd parameter of the tempnam()
function.
* Improved safe_mode check for the error_log() function.
* Fixed cross-site scripting inside the phpinfo() function.
The release also includes about 20 bug fixes and an upgraded PCRE library
(version 6.6).
For a full list of changes in PHP 4.4.3, see the ChangeLog:
http://www.php.net/ChangeLog-4.php#4.4.3
This also contains a fix for CVE-2006-4020 (SA21403)
|
|
|
|
security update for squirrelmail
Revisions pulled up:
- pkgsrc/mail/squirrelmail/Makefile 1.75
- pkgsrc/mail/squirrelmail/PLIST 1.19
- pkgsrc/mail/squirrelmail/buildlink3.mk 1.13
- pkgsrc/mail/squirrelmail/distinfo 1.34
- pkgsrc/mail/squirrelmail-locales/Makefile 1.17
- pkgsrc/mail/squirrelmail-locales/PLIST 1.10
- pkgsrc/mail/squirrelmail-locales/distinfo 1.7
Module Name: pkgsrc
Committed By: tron
Date: Mon Aug 14 15:57:40 UTC 2006
Modified Files:
pkgsrc/mail/squirrelmail: Makefile PLIST buildlink3.mk distinfo
pkgsrc/mail/squirrelmail-locales: Makefile PLIST distinfo
Log Message:
Update "squirrelmail" and "squirrelmail-locales" package to version 1.4.8.
Changes since version 1.4.7:
- A security fix for CVE-2006-4019
- A collection of bugfixes
|
|
|
|
build fix for perl on netbsd-4
Revisions pulled up:
- pkgsrc/lang/perl5/distinfo 1.36-1.37
- pkgsrc/lang/perl5/patches/patch-ba 1.3-1.4
Module Name: pkgsrc
Committed By: tron
Date: Tue Aug 8 15:27:36 UTC 2006
Modified Files:
pkgsrc/lang/perl5: distinfo
pkgsrc/lang/perl5/patches: patch-ba
Log Message:
Make this build under NetBSD 4.x.
---
Module Name: pkgsrc
Committed By: tron
Date: Tue Aug 8 15:36:00 UTC 2006
Modified Files:
pkgsrc/lang/perl5: distinfo
pkgsrc/lang/perl5/patches: patch-ba
Log Message:
Remove changes added by Perl's configure script. Problem pointed out
by Thomas Klausner.
|
|
|
|
security update for openttd
Revisions pulled up:
- pkgsrc/games/openttd/Makefile 1.15
- pkgsrc/games/openttd/PLIST 1.4
- pkgsrc/games/openttd/distinfo 1.4
- pkgsrc/games/openttd/patches/patch-aa removed
- pkgsrc/games/openttd/patches/patch-ab removed
- pkgsrc/games/openttd/patches/patch-ac removed
- pkgsrc/games/openttd/patches/patch-ad removed
- pkgsrc/games/openttd/patches/patch-ae removed
- pkgsrc/games/openttd/patches/patch-af removed
- pkgsrc/games/openttd/patches/patch-ag removed
- pkgsrc/games/openttd/patches/patch-ah removed
- pkgsrc/games/openttd/patches/patch-ai removed
- pkgsrc/games/openttd/patches/patch-aj removed
Module Name: pkgsrc
Committed By: abs
Date: Thu Aug 10 13:28:37 UTC 2006
Modified Files:
pkgsrc/games/openttd: Makefile PLIST distinfo
Removed Files:
pkgsrc/games/openttd/patches: patch-aa patch-ab patch-ac patch-ad
patch-ae patch-af patch-ag patch-ah patch-ai patch-aj
Log Message:
Update games/openttd from 0.4.0.1 to 0.4.8rc2
All pkgsrc patches appear to have been committed
Resolves security issue:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1999
0.4.8-RC2 (2006-07-31)
------------------------------------------------------------------------
- Feature: Add Italian town names as we have an official Italian translation
- Codechange: Verify the presence of music files in the gm/ folder. This should
also solve some 100% CPU buildup for some users.
- Fix: Certain combinations of trains crash when moved around inside the depot.
- Fix: Reversed arrow-sign in the multiplayer list column headers on sort by
name
- Fix: Industry production change button doesn't work for oilrig passangers.
- Fix: Helicopters stopping in depot after autorenew/autoreplace
- Fix: MorphOS crashes when you go a level up in the root level
- Fix: UDP sockets were used even if network-availability was set to false
- Fix: Crash when trying to build a vehicle type that is set to a max of zero
0.4.8-RC1 (2006-06-28)
------------------------------------------------------------------------
- Feature: Add Turkish town names as we have an official Turkish translation
- Feature: Add a fully optional configure script that is a wrapper around the
cumbersome makefile.config
- Codechange: [NPF] Disable NPF totally for ships as it wholly kills
performance (blathijs). Only for 0.4/ branch and 0.4.8.
- Fix: Redraw the screen when switching the signal side in the patches window
- Fix: It was possible to dig into a tunnel if certain rail combinations were
ontop of it
- Fix: A HQ could only be flooded at its northern tile, the other 3 were immune
to water
- Fix: Fix several glitches concerning foundations. Houses, property
(rail/road/bridge/etc.) and cursor are now aligned properly
- Fix: Prohibit altering a road tile while road works are in progress. This
fixes some glitches like "turning" the excavation by adding/removing road bits
or removing the road piece
- Fix: Only advertise the server to your external IP/network (eg not to
127.0.0.1) and use proper broadcast addresses
- Fix: '-f' switch is not valid on windows, so don't show it in help
- Fix: [autoreplace] Autoreplaced trains can leave all wagons in depot under
certain circumstances
- Fix: The wrong IP could get unbanned, e.g. 'unban 1.2.3.42' could result in
unbanning 1.2.3.4
- Fix: It was possible to convert the railtype of a bridge while a train was on
it
- Fix: It was possible to rename signs or waypoints with the chat box
- Fix: Be more strict what it means for an aircraft to be in a hangar: It's not
just being stopped on a hangar tile
- Fix: If a road vehicle is on a road depot tile and stopped doesn't mean it's
in the depot. Use the proper test for this
- Fix: [AI] The AI should send a plane into a hangar if it's not in a hangar
_or_ not stopped, not when it's not in a hangar _and_ not stopped
- Fix: [AI] The trolly AI used information from the wrong industry when
calculating the amount of to be transported goods
- Fix: [NTP] Fix NTP over bridges: don't check the rail type when on a bridge
- Fix: Truncate text in dropdown lists to stop text overflowing.
- Fix: "Erroneous train reversal on waypoints". When processing the next train
order, do not even consider reversing the train if the last order was to a
waypoint.
- Fix: Starting a new scenario did not adhere to local difficulty settings but
took it from the scenario itself. That mode is for 'play scenario'
- Fix: Vehicles on a sloped tile under a bridge were affected by the bridge
speed limit
- Fix: Issue with train pathfinding over level crossings.
- Fix: [AI] The AI no longer attempts to build signals under bridges.
- Fix: Refresh build vehicle window (if opened) when converting rail depot
- Fix: Crash when sorting an empty server list.
- Fix: The build-tree window button defaulted to a place-push-button on opening
where no treetype is selected.
- Fix: Game crashes when cloning/autoreplace reaches train-limit
- Fix: [NTP] properly check for railtypes on non-plain-rail-tiles
- Fix: Trains could enter certain sloped rail tiles under bridges with
incompatible rail type
- Fix: Ensure the map memory is cleared after it is allocated. This fixes
random deserts that sometimes occurred.
- Fix: Some weird behaviour with tile selection near bridges
- Fix: Don't allow PF to enter train depot from the back (signal updates)
- Fix: Game no longer crashes when the last vehicle servicing a station has
been deleted
- Fix: Reset the last built railtype when starting a new game
- Fix: Cloned vehicles get the same service interval as the original vehicle
- Fix: Game no longer errors out when "Many random towns" is selected in the
scenario editor.
- Fix: Obscure road dragging bug. The road build command did not return the
appropiate error message of invalid-slope when building road.
- Fix: Temperate bank will no longer appear (during game) in tropic landscape.
This bug is from the original game.
- Fix: Specify the 'stopall' console command as a debug command.
- Fix: Fixed a problem that caused DeliverGoodsToIndustry to not work as
intended
- Fix: Ships and aircraft can now be used as feeders as well
- Fix: When a multiheaded train is sold the pointers were not updated correctly
causing sporadious crashes/disconnects.
- Fix: New plantations now cause the correct ".. being planted .." news item
- Fix: Danish town names were saved/loaded as Swiss
- Fix: Removing roads on crossings was done without a check for ownership
- Fix: [autoreplace] Fix drawing of train list for outdated engines
- Fix: Malicious clients/servers could crash the game
- Fix: [autoreplace] allow replacement of wagons even when the engine fails to
be replaced
- Fix: Certain operations involving trains inside a depot could cause a crash
- Fix: [autoreplace] cost for refitting a new vehicle is added to the cost
animation (player always paid for it, it just wasn't shown)
- Fix: [OSX] Save/Load issues solved for OSX 10.3.9 universal binaries
- Fix: Illegal servers in the master-server list could kick the client back to
the main menu, effectively making Multiplayer impossible
- Fix: [NPF] Don't mark tiles when debugging in multiplayer, this will cause
desyncs
- Fix: Several fixes to chatbox code, mainly plug a buffer overflow
0.4.7 (2006-03-26)
------------------------------------------------------------------------
- Feature: [OSX] Add support for triple-binaries (PPC, PPC970, i386) (r4102)
- Fix: [OSX] crash when going to fullscreen (r4100)
- Fix: Allow unused wagons to have their first cache set. Fixes faulty
cache-warning message and noticably speeds up depot operations (r4094)
- Fix: [NPF] Trains & busses were unable to find a route when leaving a depot
or bus stop. (r4072)
0.4.6 (2006-03-22)
------------------------------------------------------------------------
- Codechange: [win32] Show the revision in crash.txt and enable the button to
show the crash text in the crash-window (r3965)
- Codechange: Add additional linker information to release builds to help
figure out crashes more easily (r3526)
- Fix: [OSX 10.3 and newer] [ 1157244 ] Can't save game if name contains german
umlauts (loading savegames with certain chars still look odd) (r4038)
- Fix: [OSX] major speedup for PPC fullscreen (r4034)
- Fix: [Makefile] Make sure the ICON_DIR gets created before copying files
there. (r4032)
- Fix: [win32] Change compiler settings to use the multithreaded CRT. This
prevents certain crashes on multi-threaded machines. (r4031)
- Fix: [ 1453646 NPF ] Road vehicles planning through the back of depots and
stations. (r4029)
- Fix: Use the title of a savegame in the saveload dialog-editbox. (r4018)
- Fix: Improper resolution written to the configuration file when exiting from
fullscreen. (r4017)
- Fix: When removing rail track from a tile where only X and Y pieces exist,
explicitly update signals in both directions. (r4016)
- Fix: Default the patch-setting 'pause_on_join' to true. (r4015)
- Fix: Slope and height information returned for some tile types is wrong
(r4014)
- Fix: Fixes a bug introduced by r3228 which allowed steep rail tiles resulting
in ... unwanted effects such as display artifacts. (r4012)
- Fix: Update french translation (r3978)
- Fix: FS#56 - [Crash] Missing glyph(s) in big-font. Added several missing
glyphs for the big font. (r3970)
- Fix: [ 1439907 ] Increase client list window width so at least most languages
fit. (r3969)
- Fix: Update german and finnish languages. (r3968)
- Fix: Properly set back the owner of a crossing/road-under bridge after
removing it. (r3967)
- Fix: [autoreplace]: (FS#67) autoreplacing trains now keep their tile length
instead of their pixel length. (r3964)
- Fix: Mark the right tile as dirty. It's just a graphical glitch which happend
in r1592. (r3962)
- Fix: Fix crash when resizing news history window. (r3961)
- Fix: Correctly implement minimum search, so road vehicles head twoards the
closest station, not the last one in the list. (r3960)
- Fix: [FS#61] The tooltips for raising and lowering land buttons in the
scenario editor are interchanged (r3959)
- Fix: Correctly restore the roadside after roadworks are finished. (r3957)
- Fix: [Multistop] Check the status of the destination road stop instead of a
station's first road stop. This only has effect with road vehicle queuing
disabled. (r3956)
- Fix: validate the setting of max_companies/spectators through the console.
(r3955)
- Fix: Improve game-load times. (r3954)
- Fix: On loading a game, GetPlayerRailtypes() didn't account for the fact that
vehicles are introduced a year after their introduction date. This will also
relieve possible (rare) network desyncs. (r3952)
- Fix: Restore plural forms of cargo types for several languages. (r3951)
- Fix: [win32] Add directives to allow Visual Studio 2005 compilation. (r3950)
- Fix: [ 1415782 ] crash in string code with openbsd/zaurus; alignment issues
(r3948)
0.4.5 (2006-01-31)
------------------------------------------------------------------------
- Feature: [newgrf] Implement varaction2 property 0x41 and 0xDA. (2361)
- Feature: giving server_ip a value of 'all' will make the server listen on any
interface (2374)
- Feature: shortcut CTRL + U that clears the current input-box (2385)
- Feature: [newgrf] Implement the mechanism for handling newgrf callbacks
(2389)
- Feature: [newgrf] Implement the 'refit capacity' callback (2389)
- Feature: saving games happen in a seperate thread (2391)
- Feature: [newgrf] Implement powered wagons, and the callback that goes with
it (2414)
- Feature: [newgrf] Implement shorter train vehicles (2428)
- Feature: New display option: 'transparent station signs' (2438)
- Feature: You can now give transfer order to set up feeder systems (2441)
- Feature: Removing tracks with the 'remove' tool, automatically removes
signals on the tracks (2469)
- Feature: [localisation] Allow changing the order of parameters in translated
strings (2573)
- Feature: [localisation] New way to specify plural forms (2592)
- Feature: [localisation] Support genders (2594)
- Feature: [localisation] Support cases (2597)
- Feature: add support for truncating strings to a given (pixel) length (2607)
- Feature: Overhaul DirectMusic MIDI backend, remove "experimental" status
(2712)
- Feature: Change the driver probing algorithm: Use the first music/sound/video
which succeeds initialising instead of bailing out after the first. No need to
specify -snull if no soundcard is present anymore (2728)
- Feature: The Main Toolbar Dropdown Menu can now display disabled items (2734)
- Feature: Clone vehicles (2764)
- Feature: When starting without a config file determine the language on basis
of the current locale (2777)
- Feature: [NewGRF] Add support for "extended bytes" (2872)
- Feature: [localisation] Major step twoards ISO-8859-15: Implement missing
characters (2879)
- Feature: Implement the console command rm to remove savegames (2941)
- Feature: Danish town names (2957)
- Feature: Menu option to toggle console (2958)
- Feature: Calculate proportions of non-square giant screenshot correctly
(2963)
- Feature: [newgrf] Implement current set of action D (ParamSet) operations
(2968)
- Feature: [newgrf] Show a wagon's speed limit in purchase list (2969)
- Feature: [newgrf] Support loading VarAction2 parameter for variables
0x60-0x7F (2971)
- Feature: [newgrf] Add patch option for wagon speed limits (2982)
- Feature: [newgrf] Support loading of bridge attributes and tables from GRF
(3004)
- Feature: Native Support for Win64 (3008)
- Feature: OSX now uses quicktime to play midi files (3022)
- Feature: [OSX] Command+Q now works in main menu (3027)
- Feature: Allow unbanning players based on banlist-id (as well as IP) (3067)
- Feature: 'status' and 'clients' now show the IP of the players (3067)
- Feature: Make it possible to create a screenshot from the console that is
both big and has no console, or any combination of (3068)
- Feature: [newgrf] Add support for rail vehicle weight greater than 255 tons
(3071)
- Feature: 'HOME' icon to saveload dialogs that jumps to the default save/load
directory based on the dialog (3096)
- Feature: Turkish translation (3120)
- Feature: [newgrf] Support positioning of rail vehicle visual effects (3132)
- Feature: [newgrf] Support for articulated rail vehicles (3139)
- Feature: [newgrf] Add support for cargo refitting specification by cargo
classes (3148)
- Feature: [newgrf] Action 7/9 new value : is it TTDPatch or OpenTTD? (3152)
- Feature: Drag and drop rocky areas in scenario editor (3153)
- Feature: Added patch option to link the terraform toolbar to the rail, road,
water and airport toolbars (3157)
- Feature: Right-Click-Scrolling optionally moves in the opposite direction
(3222)
- Feature: Native cocoa sound and video drivers for OSX (3281)
- Feature: [newgrf] Allow train running cost class to differ from engine class
(3388)
- Feature: Kick and ban now with IP numbers (3407)
- Feature: Allow seeing and setting the maximum amount of companies and
spectators for a server. This can be changed/viewed during runtime as well in
the console (3427)
- Feature: Allow the network game list to be sorted (by
name/clients/compatibility ascending/descending) (3441)
- Feature: Make it possible to ban offline clients (3469)
- Fix: The refit window now shows the correct refit options (2365)
- Fix: Refitting to a cargo which is already carried by some vehicles takes
their capacities into account for display (2365)
- Fix: Add 'multihead' TTDPatch option to OpenTTD newgrf flags-emulation (2368)
- Fix: make install tried to install scenarios in the (non-existing) personal
dir when USE_HOMEDIR is specified (2371)
- Fix: [console] update the example scripts in the scripts/ directory to
reflect the new console functionality (2372)
- Fix: [console] any line starting with a '#' is a comment so ignore it (2372)
- Fix: [console] The special variables whose value can only be set by a custom
process should, also print out their newly set value there (2372)
- Fix: [newgrf] Ignore action 0 prop 0x20 (air drag) (2377)
- Fix: [newgrf] Further property stubs, help prevents subsequent incorrect
reading of newgrf data (2378)
- Fix: Build year for mail compartment of planes was not set correctly,
affected station ratings (2380)
- Fix: Endgame window on easy difficulty resulted in infinite loop (2381)
- Fix: Check the airport type when building an airport (2382)
- Fix: Monkey-testing turned up some command crashes (2383)
- Fix: Check selling land and setting player colour. Also an extra map-bounds
check for terraforming (2384)
- Fix: [realistic accel] Very slow trains no longer get an increase in maximum
speed when part of them is in a depot (2388)
- Fix: [newgrf] Load power for dual-headed engines correctly (2400)
- Fix: [newgrf] When resolving callbacks, dont ignore wagon overrides (2410)
- Fix: Station ratings aren't affected by speed limits from realistic
acceleration anymore (2411)
- Fix: building vehicles without depot crashed the game (2412)
- Fix: certain resolutions caused a crash when minimap was partly dragged
outside the game window (2424)
- Fix: Deleting canals under bridges removed bridges first in certain
configurations (2436)
- Fix: [NPF] Vehicles try to drive into a tunnel entrance from above (2471)
- Fix: [newgrf] Some road vehicle action 0 properties were loaded as the wrong
type (int8,int16,int32) causing undefined results. (like cargo types being
wrong) (2474)
- Fix: The console variable autoclean_unprotected was linked to the variable
_network_autoclean_protected (2498)
- Fix: Old bug in the PCX writer: The first pixel column contained garbage, the
picture was shifted one to the right, and the last column was dropped (2512)
- Fix: Using the mouse wheel could lead to a crash if mouse was not over a
widget (2530)
- Fix: blinking 'lock' gfx in multiplayer games (2548)
- Fix: Remove original train pathfinder. Enhanced old pathfinder. (2553)
- Fix: Spaces in the path to the MIDI files caused the win32 MIDI player to
fail (2563)
- Fix: set server map name to the loaded name of the game/scenario (2610)
- Fix: Improve the old pathfinder. Changed it to A* instead of Dijkstra.
Benchmark shows that NTP is now around 10x faster than NPF (2635)
- Fix: Correctly save and load company_value, it's 64 bits wide, not 32 bits
(2684)
- Fix: Volume control works now for the DirectMusic MIDI backend (2712)
- Fix: Change the fence algorithm so it removes fences when no farm tile is
adjacent (2739)
- Fix: Tree tiles above the snow line got redrawn disproportionately often
(2750)
- Fix: Depots could build trains of the wrong track type (2764)
- Fix: Sort the directories in the scenarion/savegame list (2860)
- Fix: On OS/2 show the trailing \ if the current directory is a root directory
(2860)
- Fix: Return a proper version number, when testing the TTDPatch version in the
SkipIf action (2862)
- Fix: Change the way NewGRFs are loaded, this saves quite some sprite slots -
about 2000 for DBSetXL for example (2868)
- Fix: Several format string vulnerabilities and buffer overflows in the
network code (2899)
- Fix: fixed issue where autorenewed vehicles didn't get all stats updated
(2912)
- Fix: Exit the child of the extmidi backend with _exit() instead of exit(),
because we don't want any atexit handlers - especially flushing output streams
- to run, if exec() fails (2938)
- Fix: Server crash with "say"-command (2950)
- Fix: Fix win32 midi volume level control which didn't work (2960)
- Fix: [OSX] quitting the game no longer leaves a process behind that eats all
the CPU power (3281)
- Fix: Fix for [ 1216203 ] UFO-broken waypoint (2961)
- Fix: [newgrf] Include missing grf feature canal
- Fix: [newgrf] Add bounds checking to VehicleChangeInfo for vehicles
- Fix: [newgrf] Wagon speed limits don't apply for wagons with livery overrides
- Fix: Align settings pool items to the size of void* to fix bus errors on
64bit architectures which require aligned variables (2976)
- Fix: restart_game_date is an UINT16, not a BYTE. Now setting the game restart
year via the console should work (2987)
- Fix: [newgrf] Some GRF files don't specify a name or description, in which
case the Action 8 is 8 bytes, not 9 (3005)
- Fix: The finnish markka was never abbreviated with capital letters (3021)
- Fix: Improve handling of non-existent sprite sets (3044)
- Fix: Don't attempt to map and empty sprite group to a vehicle (3045)
- Fix: Fixed typo and hang for BeOS Networking (3053)
- Fix: On Win98 and lower when you go to the root directory of a drive (eg.
C:\) you were stuck there indefinitely and couldn't change any directories or
see any files (3056)
- Fix: Complete rewrite of autoreplace; multiheaded train engines are replaced
correctly (3081)
- Fix: A new train is now made if the front unit is an engine and the former
front engine is moved away (3144)
- Fix: There are only 2 possible directions for ship depots, not 4 (3199)
- Fix: Allow bribing up to the maximum rating for bribing, don't disable this
option at some arbitrary value early (3201)
- Fix: Don't lower land on tunnel, even with diag tracks on it (3228)
- Fix: Crash when making a screenshotin the main menu (3235)
- Fix: Crash when starting a scenarion via 'New Game' fails (3235)
- Fix: Determine clicked status of sticky icon from window flags rather than
the widget click state (3247)
- Fix: Graphical glitch with autorail tool on a certain tile-types (3254)
- Fix: Center the X of the window close button (3302)
- Fix: [newgrf] Unload engine names before loading grf files (3316)
- Fix: Network window crash when it receives invalid information for example
from the integrated nightly, so validate the network-input when it is received
(3322)
- Fix: Build failed if SDL is built without pthread support (3326)
- Fix: Move initialization of vehicle random_bits to DC_EXEC blocks to allow
use of Random() instead of InteractiveRandom(), which will alleviate some
possib le network desyncs (3352)
- Fix: The default AI tried to change the service intervals of vehicles via the
CMD_CHANGE_TRAIN_SERVICE_INT command - regardless of the type of the vehicle
(3367)
- Fix: Out-of-bounds array access when road vehicles overtook in a curve caused
desyncs (3371)
- Fix: Update signal states when building or removing rail station blocks
(3372)
- Fix: Don't allow trains to get bigger than 100 via drag and drop (3374)
- Fix: Don't reset date in the scenario editor when pressing RandomLand (3376)
- Fix: [newgrf] Running cost should be halved for dual head vehicles (3384)
- Fix: No fence was placed when placing fences and the neighbouring tile is a
rail configuration which permits a fence but has a signal (3389)
- Fix: [newgrf] Ignore non-climate dependent cargo types (3394)
- Fix: [newgrf] Only add a random number of days to an engine's base
introduction date if that date is not 0 (3410)
- Fix: When changing the server password via the console, actually set the
password as well as flag whether it is required (3411)
- Fix: Under certain conditions placing a road tile parallel under a bridge
would, instead of failing, succeed and place a perpendicular piece (3413)
- Fix: Disable the Fund New Industry menu item and window when connected to a
server as a spectator (3414)
- Fix: Disable the clone and refit buttons in the train view when viewing
another player's vehicles, or as a spectator (3415)
- Fix: Disallow building an oil rig above sea level (3416)
- Fix: When removing a town-owned tunnel the player's rating was not reduced
(3418)
- Fix: (Possible) game crash on removing track/road under bridge if a vehicle
was on the track/road under the bridge and the track/road sloped (3419)
- Fix: [newgrf] Only power should decide whether a rail vehicle is an engine or
a wagon. (fixes SHIKI 810 in jpsetw.grf) (3424)
- Fix: Incorrect validating of tree-planting command which can allow a
buffer-overflow (3446)
- Fix: [newgrf] When changing the sprite ID of a vehicle, if it is not FD
(custom graphics), the value needs to changed from a 16bit array offset to an
array index. (fixes tropicstw.grf) (3449)
- Fix: You couldn't remove an item from a list-type of config ingame from the
configuration file (3475)
- Fix: [newgrf] Always reinitialize the ttdpatch flags as patch settings may
have changed (3486)
- Fix: Price for demolishing a bridge was dependent on orientation and map size
(3487)
|
|
|
|
build fix for xorg-libs on linux
Revisions pulled up:
- pkgsrc/x11/xorg-libs/distinfo 1.47
- pkgsrc/x11/xorg-libs/patches/patch-bf 1.4
- pkgsrc/x11/xorg-libs/patches/patch-bg 1.4
Module Name: pkgsrc
Committed By: minskim
Date: Sun Jul 23 13:34:06 UTC 2006
Modified Files:
pkgsrc/x11/xorg-libs: distinfo
pkgsrc/x11/xorg-libs/patches: patch-bf patch-bg
Log Message:
Pass "-I." to the preprocessor so that xf86drm.h is found on Linux.
Approved by the maintainer.
|
|
|
|
security fix for php5
Revisions pulled up:
- pkgsrc/lang/php5/Makefile 1.39
- pkgsrc/lang/php5/distinfo 1.26
- pkgsrc/lang/php5/patches/patch-aw 1.1
Module Name: pkgsrc
Committed By: taca
Date: Thu Aug 10 05:57:09 UTC 2006
Modified Files:
pkgsrc/lang/php5: Makefile distinfo
Added Files:
pkgsrc/lang/php5/patches: patch-aw
Log Message:
Add security fix for Secunia Advisory SA21403 from PHP's CVS repository.
Bump PKGREVISION.
|
|
security fix for heimdal
Revisions pulled up:
- pkgsrc/security/heimdal/Makefile 1.60-1.62
- pkgsrc/security/heimdal/distinfo 1.20-1.21
- pkgsrc/security/heimdal/PLIST 1.11
- pkgsrc/security/heimdal/PLIST.Linux removed
- pkgsrc/security/heimdal/patches/patch-al 1.1
- pkgsrc/security/heimdal/patches/patch-am 1.1
- pkgsrc/security/heimdal/patches/patch-an 1.1
- pkgsrc/security/heimdal/patches/patch-ao 1.1
- pkgsrc/security/heimdal/patches/patch-ap 1.1
- pkgsrc/security/heimdal/patches/patch-aq 1.1
Module Name: pkgsrc
Committed By: markd
Date: Sun Jul 2 13:53:28 UTC 2006
Modified Files:
pkgsrc/security/heimdal: Makefile
Added Files:
pkgsrc/security/heimdal: PLIST.SunOS
Log Message:
Solaris does not have err.h, glob.h, ifaddrs.h and vis.h compatible with
heimdal, so heimdal installs its own. Add them in PLIST.SunOS
Fixes PR pkg/33656. Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: jlam
Date: Wed Jul 5 04:39:15 UTC 2006
Modified Files:
pkgsrc/security/heimdal: Makefile PLIST distinfo
Added Files:
pkgsrc/security/heimdal/patches: patch-al
Removed Files:
pkgsrc/security/heimdal: PLIST.Linux PLIST.SunOS
Log Message:
Back out previous and do the same thing more generally for all platforms.
Since the heimdal install process will install additional headers in
${PREFIX}/include/krb5 depending on what the configure process detects,
simply query the source Makefile at install-time for the extra headers
that it will install and dynamically add them to the PLIST.
---
Module Name: pkgsrc
Committed By: salo
Date: Wed Aug 9 17:58:09 UTC 2006
Modified Files:
pkgsrc/security/heimdal: Makefile distinfo
Added Files:
pkgsrc/security/heimdal/patches: patch-am patch-an patch-ao patch-ap
patch-aq
Log Message:
Security fix for SA21436:
"A security issue has been reported in Heimdal, which potentially can be
exploited by malicious, local users to perform certain actions with
escalated privileges.
The security issue is caused due to missing checks for whether the
"setuid()" call has succeeded in the bundled rcp application. This may
be exploited to perform certain actions with root privileges if the
"setuid()" call fails due to e.g. resource limits."
http://secunia.com/advisories/21436/
http://www.pdc.kth.se/heimdal/advisory/2006-08-08/
Bump PKGREVISION.
|
|
security fix for mit-krb5
Revisions pulled up:
- pkgsrc/security/mit-krb5/Makefile 1.38
- pkgsrc/security/mit-krb5/distinfo 1.15
- pkgsrc/security/mit-krb5/patches/patch-am 1.1
- pkgsrc/security/mit-krb5/patches/patch-an 1.1
- pkgsrc/security/mit-krb5/patches/patch-ao 1.1
- pkgsrc/security/mit-krb5/patches/patch-ap 1.1
- pkgsrc/security/mit-krb5/patches/patch-aq 1.1
- pkgsrc/security/mit-krb5/patches/patch-ar 1.1
- pkgsrc/security/mit-krb5/patches/patch-as 1.1
Module Name: pkgsrc
Committed By: salo
Date: Wed Aug 9 17:31:10 UTC 2006
Modified Files:
pkgsrc/security/mit-krb5: Makefile distinfo
Added Files:
pkgsrc/security/mit-krb5/patches: patch-am patch-an patch-ao patch-ap
patch-aq patch-ar patch-as
Log Message:
Security fixes for SA21402:
"A security issue has been reported in Kerberos, which potentially can
be exploited by malicious, local users to perform certain actions with
escalated privileges.
The security issue is caused due to missing checks for whether the
"setuid()" call has succeeded in the bundled krshd and v4rcp
applications. This can be exploited to disclose or manipulate the
contents of arbitrary files or execute arbitrary code with root
privileges if the "setuid()" call fails due to e.g. resource limits."
http://secunia.com/advisories/21402/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3084
http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2006-001-setuid.txt
Bump PKGREVISION.
|
|
security update for clamav
Revisions pulled up:
- pkgsrc/mail/clamav/Makefile 1.60-1.61
- pkgsrc/mail/clamav/Makefile 1.36-1.37
Module Name: pkgsrc
Committed By: xtraeme
Date: Sun Jul 2 12:01:13 UTC 2006
Modified Files:
pkgsrc/mail/clamav: Makefile distinfo
Log Message:
Update to 0.88.3:
This version fixes handling of large binhex files and multiple alternatives
in virus signatures.
---
Module Name: pkgsrc
Committed By: salo
Date: Wed Aug 9 18:35:45 UTC 2006
Modified Files:
pkgsrc/mail/clamav: Makefile distinfo
Log Message:
Security update to version 0.88.4
Changes:
- libclamav/upx.c: fix possible heap overflow
See http://www.clamav.net/security/0.88.4.html for details.
- libclamav/tnef.c: handle trailing newline at the end of winmail.dat,
bug reported by Menno Smits <menno*netboxblue.com>
- freshclam/manager.c: fix possible infinite loop when read() fails
in get_database(), spotted by Everton da Silva Marques
<everton*lab.ipaccess.diveo.net.br>
|
|
|
|
security update for mysql5
Revisions pulled up:
- pkgsrc/databases/mysql5-client/Makefile 1.8
- pkgsrc/databases/mysql5-client/distinfo 1.8
- pkgsrc/databases/mysql5-client/Makefile.common 1.15
- pkgsrc/databases/mysql5-client/PLIST 1.5
- pkgsrc/databases/mysql5-client/patches/patch-ac 1.2
- pkgsrc/databases/mysql5-client/patches/patch-ae 1.6
- pkgsrc/databases/mysql5-server/Makefile 1.14, 1.15, 1.16
- pkgsrc/databases/mysql5-server/PLIST 1.7
- pkgsrc/databases/mysql5-server/distinfo 1.9, 1.10
- pkgsrc/databases/mysql5-server/patches/patch-ab 1.2
- pkgsrc/databases/mysql5-server/patches/patch-ac 1.3
- pkgsrc/databases/mysql5-server/patches/patch-af 1.2
Module Name: pkgsrc
Committed By: sketch
Date: Mon Jul 10 20:16:53 UTC 2006
Modified Files:
pkgsrc/databases/mysql5-server: Makefile distinfo
pkgsrc/databases/mysql5-server/patches: patch-ac
Log Message:
Solaris fixes:
- Pass appropriate flags to SunPro compiler to work with Solaris 9 and below
for threading model used.
- Pass one directory at a time to `install -d'.
---
Module Name: pkgsrc
Committed By: rillig
Date: Wed Jul 12 11:56:05 UTC 2006
Modified Files:
pkgsrc/databases/mysql5-server: Makefile
Log Message:
Fixed the path to the Perl interpreter in one file. Bumped PKGREVISION.
---
Module Name: pkgsrc
Committed By: tron
Date: Sun Aug 6 16:30:40 UTC 2006
Modified Files:
pkgsrc/databases/mysql5-client: Makefile Makefile.common PLIST
distinfo
pkgsrc/databases/mysql5-client/patches: patch-ac patch-ae
pkgsrc/databases/mysql5-server: Makefile PLIST distinfo
pkgsrc/databases/mysql5-server/patches: patch-ab patch-af
Log Message:
Update "mysql5-client" and "mysql5-server" packages to version 5.0.24.
Changes since version 5.0.22:
- Security fix: If a user has access to MyISAM table t, that user can
create a MERGE table m that accesses t. However, if the user's
privileges on t are subsequently revoked, the user can continue to
access t by doing so through m. If this behavior is undesirable, you
can start the server with the new --skip-merge option to disable the
MERGE storage engine. (Bug#15195)
- In the INFORMATION_SCHEMA.ROUTINES table the ROUTINE_DEFINITION
column now is defined as NULL rather than NOT NULL. Also, NULL rather
than the empty string is returned as the column value if the user does
not have sufficient privileges to see the routine
definition. (Bug#20230)
- Several other bug fixes
|
|
|
|
security update for trac and ja-trac
Revisions pulled up:
- pkgsrc/www/trac/Makefile 1.20
- pkgsrc/www/trac/distinfo 1.15
- pkgsrc/www/ja-trac/Makefile 1.4
- pkgsrc/www/ja-trac/distinfo 1.4
Module Name: pkgsrc
Committed By: salo
Date: Tue Jul 11 17:29:40 UTC 2006
Modified Files:
pkgsrc/www/trac: Makefile distinfo
Log Message:
Security update to version 0.9.6:
Changes:
* Fixed reStructuredText breach of privacy and denial of service
vulnerability found by Felix Wiemann.
* trac-post-commit-hook fixes.
* Fixed bugs: #2894, #3058, #3209 #3325.
---
Module Name: pkgsrc
Committed By: salo
Date: Tue Jul 11 17:38:42 UTC 2006
Modified Files:
pkgsrc/www/ja-trac: Makefile distinfo
Log Message:
Update to version 0.9.6.1:
Changes:
Trac-0.9.6-ja-1 (Jul 7, 2006)
* Merge trac-0.9.6
* Update to current statement.
* README.trac-ja
* wiki-default/TracJa
Trac 0.9.6 (Jul 6, 2006)
http://svn.edgewall.com/repos/trac/tags/trac-0.9.6
* Fixed reStructuredText breach of privacy and denial of service
* vulnerability
found by Felix Wiemann.
* trac-post-commit-hook fixes.
* Fixed bugs: #2894, #3058, #3209 #3325.
From PR pkg/33942 by Akio OBATA.
|
|
|
|
security fix for cfs
Revisions pulled up:
- pkgsrc/security/cfs/Makefile 1.28
- pkgsrc/security/cfs/distinfo 1.11
- pkgsrc/security/cfs/patches/patch-ah 1.2
Module Name: pkgsrc
Committed By: adrianp
Date: Sat Aug 5 13:30:26 UTC 2006
Modified Files:
pkgsrc/security/cfs: distinfo
pkgsrc/security/cfs/patches: patch-ah
Log Message:
Fix for SA21310/CVE-2006-3123
Patch via. Debian
---
Module Name: pkgsrc
Committed By: adrianp
Date: Sat Aug 5 13:38:26 UTC 2006
Modified Files:
pkgsrc/security/cfs: Makefile
Log Message:
Bump to nb6
|
|
|
|
security update for drupal
Revisions pulled up:
- pkgsrc/www/drupal/Makefile 1.15
- pkgsrc/www/drupal/distinfo 1.11
Module Name: pkgsrc
Committed By: adrianp
Date: Sat Aug 5 12:44:02 UTC 2006
Modified Files:
pkgsrc/www/drupal: Makefile distinfo
Log Message:
Update to 4.7.3
Only change appears to be a fix for an XSS bug
|
|
|
|
build fix for gcvs
Revisions pulled up:
- pkgsrc/devel/gcvs/distinfo 1.6
- pkgsrc/devel/gcvs/patches/patch-ar 1.1
Module Name: pkgsrc
Committed By: wiz
Date: Thu Aug 3 18:35:43 UTC 2006
Modified Files:
pkgsrc/devel/gcvs: distinfo
Added Files:
pkgsrc/devel/gcvs/patches: patch-ar
Log Message:
Fix build with gcc4. Patch from Kenneth Freidank in PR 34132.
|
|
|
|
PLIST fix for cppunit
Revisions pulled up:
- pkgsrc/devel/cppunit/Makefile 1.9
- pkgsrc/devel/cppunit/distinfo 1.5
Module Name: pkgsrc
Committed By: wiz
Date: Wed Jul 5 21:32:41 UTC 2006
Modified Files:
pkgsrc/devel/cppunit: Makefile PLIST
Log Message:
Depend on latest doxygen (1.4.7) and fix PLIST for it.
Bump PKGREVISION.
|
